Jump to content
Tuts 4 You

[unpackme] Armadillo v6.0.4 Custom Build

acidflash

By acidflash
in UnPackMe

 Share

Recommended Posts

acidflash

acidflash

Posted
Posted

Should be simple enough :)

esp with CondZero's fantastic tool.....

I'll post a valid key if the armadillo killers amoung us need help with secure sections.

-acid

Armadillo_v6.04_UnPackMe.rar

  • Replies 53
  • Created
  • Last Reply

Top Posters In This Topic

  • XytroX

    7

  • ghandi

    6

  • Apuromafo

    5

  • acidflash

    5

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

ghandi
ghandi

It is not bruteforcing secure sections at all, it is bruteforcing the actual certificate data which contains the keys and offsets for the secure sections. If/when it succeeds it provides a symmetric k

ghandi
ghandi

The symmetric is used as one of the seeds for building the 0x400 byte table. This table is hashed with MD5 and the resulting hash is the key used for decrypting the certificate descriptors, the contai

ghandi
ghandi

I've coded my own SymmetricVerify routine in ASM, C and CUDA, now i just need to throw it all away and start from scratch... I have verified the function has worked on default certificates which i kno

Sonny27

Sonny27

Posted
Posted

Haha, what about sharing a Custom Build of Armadillo, simply without a key to save your privacy, that

CondZero

CondZero

Posted
Posted

My shameless unpacked / fixed dump using Armageddon v1.4

(note: I would have reduced PE size eliminating useless Arma sections,

but we are still finalizing this functionality)

Special thanks to *EvOlUtIoN* for the idea of jumping

to a code cave and injecting environment variables.

Secured sections will require a key and are NOT unlocked.

cheers

UnPackMe_dump.rar

acidflash

acidflash

Posted
  • Author
Posted
My shameless unpacked / fixed dump using Armageddon v1.4

(note: I would have reduced PE size eliminating useless Arma sections,

but we are still finalizing this functionality)

Special thanks to *EvOlUtIoN* for the idea of jumping

to a code cave and injecting environment variables.

Secured sections will require a key and are NOT unlocked.

cheers

Seems I'm wasting my time... Only thing worth crap are the SECURE sections, otherwise it might as well be UPX....

Silicon Realms needs to get its act together and stop ripping us off with new pay to upgrade versions (6.x) that are pretty much 5.x.

-acid

acidflash

acidflash

Posted
  • Author
Posted
Haha, what about sharing a Custom Build of Armadillo, simply without a key to save your privacy, that
Sonny27

Sonny27

Posted
Posted

Why should he do that?

Posting protectors in the right section ain

Teddy Rogers

Teddy Rogers

Posted
Posted
Silicon Realms needs to get its act together and stop ripping us off with new pay to upgrade versions (6.x) that are pretty much 5.x.

I've been saying this for a long time. What I also find bad is they charge the same price for the 64bit version to existing owners of the 32bit version.

To be fair though Armadillo has Software Passport which is a bonus for software developers and I think it is why Armadillo is still popular today...

Ted.

acidflash

acidflash

Posted
  • Author
Posted (edited)
Silicon Realms needs to get its act together and stop ripping us off with new pay to upgrade versions (6.x) that are pretty much 5.x.

I've been saying this for a long time. What I also find bad is they charge the same price for the 64bit version to existing owners of the 32bit version.

To be fair though Armadillo has Software Passport which is a bonus for software developers and I think it is why Armadillo is still popular today...

Ted.

I've been porting our important apps from Arm to WinLicense.. At least there are less people to unpack it (and no click here to own the target tools, that I know of).

-acid

Edited by acidflash
  • 3 weeks later...
acidflash

acidflash

Posted
  • Author
Posted

Fungus, perfect!

All sections work perfectly, and you did them with out any key :)

Very impressive,

-acid

unpackme officially unpacked.

Teddy Rogers

Teddy Rogers

Posted
Posted

Good team work Fungus! Excellent news... :thumbs:

Ted.

XytroX

XytroX

Posted
Posted (edited)

Fungus, im lost for words!

secured sections are unpacked without a valid key? wow! very impressive, indeed!

do you mind to share some hints into the right direction how it is possible ;)

XytroX

Edited by XytroX
quosego

quosego

Posted
Posted

damn fungus, nice work without valid keys!!

quosego

  • Like 1
littleuser

littleuser

Posted
Posted (edited)

There are several bugs that allow unpacking without any valid keys. Some are harder to exploit, some are easier. But they have been existed for more than 2 years and they remain private that's why they still exist.

Edited by littleuser
XytroX

XytroX

Posted
Posted

i accept that, but all i asked for was a hint - not a tut...

as i asked for a hint where the secured sections are managed (in the armadillo unpackme 6.0.0 thread) Fungus has no problem

to share that.

"If you get anywhere with it , please share =]" - his words...

i dont know what's so special on this topic - i think nanos e.g. are much more used in the wild and you find enough tuts about that. same to debug-blocker and copymem-II and all those stuff. even the tools out there works fine.

nothing has changed dramatically - so again: what is so special on secured sections?

but don't get me wrong! as i said before - i accept that and it is ok.

no hard feelings, ok? :)

regards

XytroX

Fungus

Fungus

Posted
Posted

Secured sections are actually used quite a lot, and it is not easy to do this =]

I worked with armadillo a long time now, and am quite proud to do this. But I will keep how to do it private, so that the holes remain.

XytroX

XytroX

Posted
Posted

are they? - oops - then that's why there are always missing functions in my dumps :D

(just kidding) (?)

you can surely be proud of it!

im working with it a long time too and i've discovered few things by myself so i think i know what i'm talking about.

but without a clue and all alone - nope - can't spend so much time on it...

that's the advantage of team-working....

It's a pity but however - that's the way it is. :(

regards

XytroX

abcd-abcd

abcd-abcd

Posted
Posted (edited)

I'm going to sound dumb but, how do I get this unpacker to work. I saw the demo but, all I got was one exe I didn't get the unpackme.arm file. I also have version 5.42 Public Build. I can't find 6.0.0 anywhere.

Any help would be appreciated.

Thanks

EDIT: I see the reason is since I don't have the correct version. I found 6.0.0.6 but, it's only unlocking the first 2.

Edited by abcd-abcd
aztecx

aztecx

Posted
Posted
are they? - oops - then that's why there are always missing functions in my dumps :D

(just kidding) (?)

you can surely be proud of it!

im working with it a long time too and i've discovered few things by myself so i think i know what i'm talking about.

but without a clue and all alone - nope - can't spend so much time on it...

that's the advantage of team-working....

It's a pity but however - that's the way it is. :(

regards

XytroX

He's keeping it private for a reason - maybe once they've patched the bugs he will tell you how it's done?

abcd-abcd

abcd-abcd

Posted
Posted

Thanks so much for this!

I hope this question isn't off-topic, I'm not sure where to ask this. Is there a fix to reduce the size of the output protected file? Example: After protecting the file with Armadillo it makes the original 52kb file to 600+ kb.

HVC

HVC

Posted
Posted (edited)
I hope this question isn't off-topic, I'm not sure where to ask this. Is there a fix to reduce the size of the output protected file? Example: After protecting the file with Armadillo it makes the original 52kb file to 600+ kb.

I dont see how this, or your previous question, fits into this thread. :cc_confused:

You are not supposed to ask random questions about armadillo in any thread that happens to include "armadillo" in the description.... :rolleyes:

Edited by HVC
XytroX

XytroX

Posted
Posted
He's keeping it private for a reason - maybe once they've patched the bugs he will tell you how it's done?

maybe. would be nice.

on the other hand - maybe once before they've patched the bugs i've found them by myself? B)

but i don't spend much time in it at the moment. you know - more haste, less speed...

perhaps i search for the bugs in an older version - 2.20 or so (hopefully they exist in 2.20. ;) )

there is less junkcode in there...

i did the same with copymem-II (or was it 2.52? can't remember) and that was a big help for me to bypass

that *** in newer versions.

time will tell...

i let you know - oops - no i don't.

if i ever know how to do it, "I'll keep how to do it private, so that the holes remain." :D

@Fungus

sorry to quote you - don't be cross with me, ok?

XytroX

Fungus

Fungus

Posted
Posted

I don't mind =]

If you manage it, msg me and we can trade ways =]

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...